Lucene search

[email protected]NVD:CVE-2016-1034

HistoryApr 12, 2016 - 11:59 p.m.

CVE-2016-1034

2016-04-1223:59:32

[email protected]

web.nvd.nist.gov

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

9.1 High

AI Score

Confidence

High

0.288 Low

EPSS

Percentile

96.9%

JSON

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors.

Affected configurations

NVD

Node

adobecreative_cloudRange≤3.5.1.209

References

www.zerodayinitiative.com/advisories/ZDI-16-235

helpx.adobe.com/security/products/creative-cloud/apsb16-11.html

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

9.1 High

AI Score

Confidence

High

0.288 Low

EPSS

Percentile

96.9%

JSON

Related for NVD:CVE-2016-1034

nessus2 cvelist1 adobe1 prion1 zdi1 openvas2 cve1